To create firewall rules and add them to an NSX-T edge gateway, you must first create the firewall groups. Firewall groups are groups of objects to which the firewall rules apply. Combining multiple objects into firewall groups helps reduce the total number of firewall rules to be created.


  1. Navigate to Networking > Edges.
  2. Click the NSX-T edge gateway and click Security.
  3. Click the Groups tab and click New.
  4. Enter a name and, optionally, a description for the firewall group.
  5. Enter an IP address or an IP addresses range for the virtual machines that the group includes, and click Add.
  6. To save the firewall group, click Save.


You created a firewall group and added it to the NSX-T edge gateway.

What to do next

Add an NSX-T Edge Gateway Firewall Rule